El mar., 8 oct. 2019 a las 13:08, David Lang (<[email protected]>) escribió: > > centos 6 has 1.0.1e (with lots of backports) > > if I don't try to configure ciphers, is there a config that will work? or is > the > anon auth mode part of what requires this API? (or something like that)
David, I guess you missed an important part in my initial response: 8.1908 has a BUG that emits this error message in all cases, even if the API is not used. This was fixed in 8.1910. As a work-around, the error message can simply be ignored. Fix PR: https://github.com/rsyslog/rsyslog/pull/3851 Andre: please correct me if I am wrong in this case. Rainer > > David Lang > > On Tue, 8 Oct 2019, Andre Lorbach wrote: > > > Date: Tue, 8 Oct 2019 12:53:04 +0200 > > From: Andre Lorbach <[email protected]> > > To: rsyslog-users <[email protected]>, David Lang <[email protected]> > > Cc: Rainer Gerhards <[email protected]> > > Subject: RE: [rsyslog] required version of openssl > > > > We need to use SSL_CONF_cmd API to set custom ciphers and other options. > > This API was added in OpenSSL 1.0.2, see the API documentation: > > https://www.openssl.org/docs/man1.0.2/man3/SSL_CONF_cmd.html > > > > CentOS 6 is probably using old OpenSSL 0.9.8 which does not support that > > API. > > > > Our testbench is skipping those tests when such an old OpenSSL Version is > > being found. > > > > Best regards, > > Andre Lorbach > > > > > >> -----Original Message----- > >> From: rsyslog [mailto:[email protected]] On Behalf Of > >> Rainer Gerhards via rsyslog > >> Sent: Tuesday, October 8, 2019 10:03 AM > >> To: David Lang <[email protected]> > >> Cc: Rainer Gerhards <[email protected]>; rsyslog-users > >> <[email protected]> > >> Subject: Re: [rsyslog] required version of openssl > >> > >> side note: testbench has smaples, e.g. > >> https://github.com/rsyslog/rsyslog/blob/master/tests/imtcp-tls-ossl-error- > >> cert.sh > >> > >> If you go to the tests dir, all tests with "ossl" in them use the openssl > >> TLS > >> driver. > >> > >> HTH > >> Rainer > >> > >> El mar., 8 oct. 2019 a las 9:54, Rainer Gerhards > >> (<[email protected]>) escribió: > >>> > >>> Can you show your config line? Maybe what you try to set is actually > >>> what requires the newer openSSL API. > >>> > >>> Andre, can you step in here? > >>> > >>> Rainer > >>> > > _______________________________________________ rsyslog mailing list http://lists.adiscon.net/mailman/listinfo/rsyslog http://www.rsyslog.com/professional-services/ What's up with rsyslog? Follow https://twitter.com/rgerhards NOTE WELL: This is a PUBLIC mailing list, posts are ARCHIVED by a myriad of sites beyond our control. PLEASE UNSUBSCRIBE and DO NOT POST if you DON'T LIKE THAT.
